Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

open_connection: Wrong server signature #418

Closed
mkrueger opened this issue Dec 19, 2024 · 5 comments
Closed

open_connection: Wrong server signature #418

mkrueger opened this issue Dec 19, 2024 · 5 comments

Comments

@mkrueger
Copy link

mkrueger commented Dec 19, 2024
edited
Loading

I'm getting Wrong server signature.

I'm not doing something special - but I can't find the issue - any clues?


struct Client {}

#[async_trait]
impl client::Handler for Client {
    type Error = russh::Error;

    async fn check_server_key(
        &mut self,
        _server_public_key: &ssh_key::PublicKey,
    ) -> Result<bool, Self::Error> {
        Ok(true)
    }
}

...
        let config = client::Config {
            inactivity_timeout: Some(Duration::from_secs(5)),
            ..<_>::default()
        };

        let config = Arc::new(config);
        let sh = Client {};
        let mut session = russh::client::connect(config, addrs, sh).await?; // <- crash

Note: I'm writing a terminal app and need the library for the ssh connection part.
@Eugeny
Copy link
Owner

Eugeny commented Dec 20, 2024

Which version of the crate are you using? Consider raising the log level to debug (the crate uses log, so you can use env_logger or similar) and checking the logs. Also which host key and kex algorithm is being used? (you'll see it in the log)

@mkrueger
Copy link
Author

mkrueger commented Dec 20, 2024
edited
Loading

Thought I'm just doing an easy beginner error.

I'm using the git version - have tried the latests version 0.49.1 as well - same result.
Have problems connecting since ~1y or so.

It's an open source project so it's not urgent but I want to continue on that a bit.
(FYI https://github.com/mkrueger/icy_tools/blob/master/crates/icy_term/README.md)

Sure:

[2024-12-20T12:56:06Z DEBUG russh::ssh_read] read_ssh_id: reading
[2024-12-20T12:56:06Z DEBUG russh::ssh_read] read 18
[2024-12-20T12:56:06Z DEBUG russh::ssh_read] Ok("SSH-2.0-cryptlib\r\n")
[2024-12-20T12:56:06Z DEBUG russh::cipher] writing, seqn = 0
[2024-12-20T12:56:06Z DEBUG russh::cipher] padding length 7
[2024-12-20T12:56:06Z DEBUG russh::cipher] packet_length 972
[2024-12-20T12:56:06Z DEBUG russh::client] writing 976 bytes
[2024-12-20T12:56:06Z DEBUG russh::ssh_read] id 18 18
[2024-12-20T12:56:06Z DEBUG russh::cipher] reading, len = [0, 0, 1, 60]
[2024-12-20T12:56:06Z DEBUG russh::cipher] reading, seqn = 0
[2024-12-20T12:56:06Z DEBUG russh::cipher] reading, clear len = 316
[2024-12-20T12:56:06Z DEBUG russh::cipher] read_exact 320
[2024-12-20T12:56:06Z DEBUG russh::cipher] read_exact done
[2024-12-20T12:56:06Z DEBUG russh::cipher] reading, padding_length 42
[2024-12-20T12:56:06Z DEBUG russh::client::kex] extending []
[2024-12-20T12:56:06Z DEBUG russh::negotiation] kex 243
[2024-12-20T12:56:06Z DEBUG russh::negotiation] kex 280
[2024-12-20T12:56:06Z DEBUG russh::negotiation] kex 291
[2024-12-20T12:56:06Z DEBUG russh::negotiation] client_compression = None
[2024-12-20T12:56:06Z DEBUG russh::client::kex] algo = Names { kex: Name("diffie-hellman-group14-sha1"), key: Rsa { hash: Some(Sha256) }, cipher: Name("3des-cbc"), client_mac: Name("hmac-sha2-256"), server_mac: Name("hmac-sha2-256"), server_compression: None, client_compression: None, ignore_guessed: false, strict_kex: false }
[2024-12-20T12:56:06Z DEBUG russh::client::kex] write = []
[2024-12-20T12:56:06Z DEBUG russh::client::kex] i0 = 964
[2024-12-20T12:56:06Z DEBUG russh::cipher] writing, seqn = 1
[2024-12-20T12:56:06Z DEBUG russh::cipher] padding length 5
[2024-12-20T12:56:06Z DEBUG russh::cipher] packet_length 268
[2024-12-20T12:56:06Z DEBUG russh::client::kex] moving to kexdhdone, exchange = Exchange { client_id: CryptoVec { p: 0x7b618002bc00, size: 20, capacity: 32 }, server_id: CryptoVec { p: 0x7b618002bbe0, size: 16, capacity: 16 }, client_kex_init: CryptoVec { p: 0x7b6110003250, size: 964, capacity: 2048 }, server_kex_init: CryptoVec { p: 0x7b6110001090, size: 273, capacity: 512 }, client_ephemeral: CryptoVec { p: 0x7b6110003040, size: 257, capacity: 512 }, server_ephemeral: CryptoVec { p: 0x1, size: 0, capacity: 0 } }
[2024-12-20T12:56:07Z DEBUG russh::cipher] reading, len = [0, 0, 3, 124]
[2024-12-20T12:56:07Z DEBUG russh::cipher] reading, seqn = 1
[2024-12-20T12:56:07Z DEBUG russh::cipher] reading, clear len = 892
[2024-12-20T12:56:07Z DEBUG russh::cipher] read_exact 896
[2024-12-20T12:56:07Z DEBUG russh::cipher] read_exact done
[2024-12-20T12:56:07Z DEBUG russh::cipher] reading, padding_length 67
[2024-12-20T12:56:07Z DEBUG russh::client] server_public_Key: PublicKey { key_data: Rsa(RsaPublicKey { e: Mpint(010001), n: Mpint(00ACE2A91770961BF2EF27F321C27514FF8103FC61E04A7AEB3FD7C52B46841B0E9614A8EAD0352CA4A1520CCE1222FAF9F579D3C4F95E82B2AAE1158F2C67D5D2C4577B6A733D2B146422E64EE25B476D4602FD10FF832D90E9140313762B0D3F5E8186D425117B1230AD8437F213FCA5068E30B28FC9BB7FA7D6D0ABACFCA380402601C4B07856EB924FE68C10EB502AC44AF2868B50756DF89ED07FC9E2B308BB021F2E4B45743A5729E9610B8AA62D48770DCA38B7FC77469EA9E6F335949EBAF2C917B4DE8286CB39D8CE13D29FFFD7B02085661DDDBFA29E2D0CA41B9D8BFF945398C51D14EA30E312265876626FC03EE711A9D23EE91A479BDB8487FF6F) }), comment: "" }
[2024-12-20T12:56:07Z DEBUG russh::client] kexdhdone.exchange = Exchange { client_id: CryptoVec { p: 0x7b618002bc00, size: 20, capacity: 32 }, server_id: CryptoVec { p: 0x7b618002bbe0, size: 16, capacity: 16 }, client_kex_init: CryptoVec { p: 0x7b6110003250, size: 964, capacity: 2048 }, server_kex_init: CryptoVec { p: 0x7b6110001090, size: 273, capacity: 512 }, client_ephemeral: CryptoVec { p: 0x7b6110003040, size: 257, capacity: 512 }, server_ephemeral: CryptoVec { p: 0x7b6110004740, size: 256, capacity: 256 } }
[2024-12-20T12:56:07Z DEBUG russh::client] exchange hash: CryptoVec { p: 0x7b6110002e20, size: 20, capacity: 32 }
[2024-12-20T12:56:07Z DEBUG russh::client] sig_type: "rsa-sha2-256"
[2024-12-20T12:56:07Z DEBUG russh::client] signature: b"\xa7\xd0+\xe23tX\tqz\xdd\0\xf1\x19.\xc4\xbd\x9b\xb8\xcfs\xf0\x87\x8a\x1f\xdd'g\xb9\xd4\xb0|\xdc\x03O\xe5\xa7\xdbZ\x01:TF\x9e\xcd\x9cy\xc2\xee}\xe4\xd65\x0f\xd2<\x19\0,\xf5\r\xc8|&Z\x08\x9ck\x91Y\x7f'\xd6N\x97?\x89E\xae\xba\xca\x9f5\x9cA\xf1\xa6\xbaAjVK\xf2T\xfb\xa1\x95Fe\xf3 \xd0\xd9m?\xb1\xaf9*\xa4\xc9O\xc6\x10\x91\xda5\xdd\xbc$\xa8zr\"\x84\xa2Y1\xf0\xaf\x8e\x12X\x95v\x1e\xb5\xfe\xf3Ca\xe1\xe1\x08sY\xd0\xd9\x9e\xbbOF\x0e/q{g\xf0\xb6n\x03\xbf\x02\xb9\x7f\xa78C\xa6c\x9c\x1b|\xeaKNhW\xd2\xfc\xaa\x18\xf7\xdf\xcaD\xe0o$JV#\x1eDX\x85\xfe\xc0\x96/\x942\xd0\x89\x1b\x8c\xabb\xe7\xf6LB\x9d\xdbg8\xf3``\x8f\xa4r\xb6\n\xc2\xf4\xdf\x84\xd3\xfc\x1czp\xb7Y\xbc\x08X\x9a\x03\x1fjF;\t\x88\xecH\x7fyL\n\x85.yN"
[2024-12-20T12:56:07Z DEBUG russh::client] wrong server sig
[2024-12-20T12:56:07Z DEBUG russh::client] drop session

Server is: 20forbeers.com:1338

It's a telnet BBS so it's up all the time.

I use an own preffered struct with all algorithms/ciphers for connecting :

        let mut preferred = Preferred::DEFAULT.clone();
        preferred.kex = Cow::Owned(kex::ALL_KEX_ALGORITHMS.iter().map(|k| **k).collect());
        preferred.cipher = Cow::Owned(cipher::ALL_CIPHERS.iter().map(|k| **k).collect());
        let config = client::Config {
            inactivity_timeout: Some(Duration::from_secs(5)),
            preferred,
            ..<_>::default()
        };

@Eugeny
Copy link
Owner

Eugeny commented Dec 20, 2024

Can you confirm that it works with OpenSSH using this exact set of algorithms?

[2024-12-20T12:56:06Z DEBUG russh::client::kex] algo = Names { kex: Name("diffie-hellman-group14-sha1"), key: Rsa { hash: Some(Sha256) }, cipher: Name("3des-cbc"), client_mac: Name("hmac-sha2-256"), server_mac: Name("hmac-sha2-256"), server_compression: None, client_compression: None, ignore_guessed: false, strict_kex: false }

@mkrueger
Copy link
Author

mkrueger commented Dec 20, 2024
edited
Loading

Works when using libssh-rs

Was porting over this code:
https://github.com/mkrueger/icy_term/blob/main/src/com/ssh.rs

Test case:

use std::time::Duration;

use libssh_rs::{Session, SshOption};

const SUPPORTED_CIPHERS: &str = "3des-cbc";
const SUPPORTED_KEY_EXCHANGES: &str = "diffie-hellman-group14-sha1";

fn main() {
    let session = Session::new().unwrap();

    session.set_option(SshOption::Hostname("20forbeers.com".to_string())).unwrap();
    session.set_option(SshOption::Port(1338)).unwrap();
    session.set_option(SshOption::KeyExchange(SUPPORTED_KEY_EXCHANGES.to_string())).unwrap();
    session.set_option(SshOption::CiphersCS(SUPPORTED_CIPHERS.to_string())).unwrap();
    session.set_option(SshOption::CiphersSC(SUPPORTED_CIPHERS.to_string())).unwrap();
    session.set_option(SshOption::Timeout(Duration::from_millis(5000))).unwrap();
    session.set_option(SshOption::LogLevel(libssh_rs::LogLevel::Warning)).unwrap();
    println!("Connecting to 20forbeers.com:1338...");
    session.connect().unwrap();
    println!("ok.");
}

Using:

[dependencies]
libssh-rs =  { version = "0.2.0", features = ["vendored", "vendored-openssl"] }

@Eugeny Eugeny closed this as completed in ad56a8e Dec 20, 2024
Eugeny added a commit that referenced this issue Dec 20, 2024
@Eugeny
fixed #418 - client - incorrect kex signature verification for RSA-SHA2
cb5d3ba
@mkrueger
Copy link
Author

Thanks - helps but I've an other issue about that. Will open a bug.

@mkrueger mkrueger mentioned this issue Dec 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Eugeny @mkrueger